- UPS are upgrading their required security protocols – you won’t be able to use their API services unless you comply
- There is no firm date for when this will be enforced, it was originally planned for May 31st 2016
- If you are a Magento user, below we include some things you can check and verify to ensure you will meet these requirements
- If you are a ShipperHQ user, no action is required on your part
UPS have a detailed plan to upgrade their data security, as part of this plan they will be enforcing security protocols when you interact with their web services. To put it plainly, you’ll need to do some housekeeping if you are using Magento and any kind of UPS service.
Starting from May 31st 2016, UPS stated they will enforce TLS v1.2 on their web services and other online services like UPS.com, this has now been delayed with no firm date of when this enforcement will begin. This delay is a great opportunity for merchants and developers to get this requirement met and forget about it, well before it becomes a headache.
If you are using any of the following:
- Magento’s built-in UPS shipping carrier
- Any of the following WebShopApps stand alone UPS extensions:
- UPS Date Shipping
- UPS Calendar
- Delivery Options for UPS
- UPS Zones
- UPS Freight
- Dimensional Shipping
- Address Validation via UPS
- Any other UPS integration from a third party that accesses UPS via XML web services
There is no upgrade required to your code or Magento system. You’ll need to verify with your host the version of TLS that your server supports – some things to review are
- Check the version of OpenSSL is v1.0.1 or higher
- Check the version of cURL you have, v7.34 or higher will include TLS v1.2
- TLS v1.2 is enabled with your version of cURL
ShipperHQ customers will not need to take any action as we have already verified that our interactions with UPS including live rates, freight and address validation will meet their updated security requirements.
ShipperHQ.com. Come talk to us. Your cart, your shipping, your rules.